$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa File: 349778ec-dd5c-4e52-8440-4155573588c4.roa (raw, json) Hash identifier: 7XciClwl2baqPW8uJH5SeUapN2B9XsTnjHBx16frK54= Subject key identifier: 22:15:BB:D4:1E:56:F8:44:58:3C:79:3B:58:4B:48:56:77:7F:5D:0D Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 5F61928087BA31BAC71AF5A7D4D3E0DA321AFD Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa Signing time: Mon 03 Feb 2025 00:00:00 +0000 ROA not before: Mon 03 Feb 2025 00:00:00 +0000 ROA not after: Mon 10 Mar 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:e0c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Feb 2025 00:00:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5f:61:92:80:87:ba:31:ba:c7:1a:f5:a7:d4:d3:e0:da:32:1a:fd Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000 Validity Not Before: Feb 3 00:00:00 2025 GMT Not After : Mar 10 23:59:59 2025 GMT Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:9f:64:08:5d:f9:68:43:4b:f5:93:04:76:10: a9:17:99:21:7c:f6:c2:6b:e1:aa:18:ec:85:50:e8: a5:66:3e:42:00:58:8f:64:81:38:be:f4:ee:cd:ca: 36:db:5e:ac:f2:16:2e:19:6c:7e:d1:d1:ff:fd:7d: 1e:e9:06:83:9a:8e:33:05:4f:57:a4:fb:0e:21:8d: 9d:22:3c:df:7b:d2:b3:4c:db:06:e2:c8:73:b9:eb: cc:dc:47:2d:88:07:d0:22:0c:b3:05:12:5e:48:84: 8d:b1:92:09:4c:95:66:7a:77:0b:31:10:21:bf:81: 50:c2:c0:6b:83:b6:7a:14:11:b4:ef:a4:7a:8a:71: 23:7a:22:fe:6d:b9:6a:af:90:13:ff:cc:5c:1e:93: 15:01:1a:98:53:e0:2f:26:8c:56:bc:31:e5:15:10: da:11:1a:5d:9d:29:76:d7:70:21:ff:ea:20:e8:c2: a5:ea:0d:39:e9:7a:fb:1d:08:ec:08:9c:e3:0e:6e: 93:1c:ae:6c:ba:b8:2f:47:94:62:2c:f2:6d:90:46: 30:03:c2:1a:e7:42:aa:4a:65:b7:3a:c2:b1:bf:13: a9:61:c0:7f:3c:e0:0f:3a:0b:92:e4:69:cd:36:de: c1:6e:fb:c6:be:18:c4:11:7d:bc:9f:c7:2c:72:3b: 9f:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:15:BB:D4:1E:56:F8:44:58:3C:79:3B:58:4B:48:56:77:7F:5D:0D X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/349778ec-dd5c-4e52-8440-4155573588c4.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:e0c0::/48 Signature Algorithm: sha256WithRSAEncryption 83:d2:0f:5c:b6:41:77:9f:12:e1:e7:96:65:12:29:30:ef:7d: a4:13:a0:24:9d:d8:23:1d:69:3a:57:68:d7:89:06:b5:93:bf: 65:4b:8b:21:8e:b8:43:22:cb:77:61:74:c2:15:27:9b:e2:ed: 75:a7:b3:f8:da:eb:61:e0:1a:ec:6a:4d:f0:98:bb:0a:84:6d: d0:a6:f2:a0:cf:a5:6b:0d:e6:ff:26:d6:2a:68:07:72:81:f9: 2f:f5:73:6f:de:db:aa:e4:08:6a:c4:11:64:1f:46:f2:81:83: 47:07:d8:a0:0b:cd:8c:2e:c3:08:26:35:9d:34:5c:2c:3a:9f: 12:7c:74:61:47:6f:de:c3:92:e6:71:aa:6c:13:cd:67:38:0b: 53:22:48:9f:fc:35:f4:6d:c9:1c:82:00:67:09:7e:03:25:9c: 58:68:fe:ac:cd:9e:fe:4c:ba:d7:72:ca:49:fd:cc:b1:63:be: be:7c:af:9d:28:c2:e0:53:8f:a9:99:87:b0:44:59:22:5d:3a: bd:e6:a6:af:99:01:30:a6:a2:68:da:7a:a8:8c:a0:0a:0d:f5: c3:e8:71:7b:06:2b:80:ba:b3:85:23:a6:38:09:5a:0b:a6:39: ee:f5:91:87:4c:7e:22:7b:7c:94:11:8c:4b:7b:72:e8:95:ab: 44:cd:a3:df -----BEGIN CERTIFICATE----- MIIFnjCCBIagAwIBAgITX2GSgIe6MbrHGvWn1NPg2jIa/TANBgkqhkiG9w0BAQsF ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjUwMjAzMDAwMDAwWhcN MjUwMzEwMjM1OTU5WjB6MUkwRwYDVQQFE0BmMWY5MTNhMWRlN2NjNzIzOGNmOTY0 ZjFjMzZlMzEzMDc5ODM2MzdmZjZkYzM2NDJmMWEzODZhNGNkMTgxNmJhMS0wKwYD VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDIn2QIXfloQ0v1kwR2EKkXmSF89sJr 4aoY7IVQ6KVmPkIAWI9kgTi+9O7NyjbbXqzyFi4ZbH7R0f/9fR7pBoOajjMFT1ek +w4hjZ0iPN970rNM2wbiyHO568zcRy2IB9AiDLMFEl5IhI2xkglMlWZ6dwsxECG/ gVDCwGuDtnoUEbTvpHqKcSN6Iv5tuWqvkBP/zFwekxUBGphT4C8mjFa8MeUVENoR Gl2dKXbXcCH/6iDowqXqDTnpevsdCOwInOMObpMcrmy6uC9HlGIs8m2QRjADwhrn QqpKZbc6wrG/E6lhwH884A86C5Lkac023sFu+8a+GMQRfbyfxyxyO59DAgMBAAGj ggJLMIICRzAdBgNVHQ4EFgQUIhW71B5W+ERYPHk7WEtIVnd/XQ0wHwYDVR0jBBgw FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv MzQ5Nzc4ZWMtZGQ1Yy00ZTUyLTg0NDAtNDE1NTU3MzU4OGM0LnJvYTCBlQYDVR0f BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8E AgACMAkDBwAkBtr/4MAwDQYJKoZIhvcNAQELBQADggEBAIPSD1y2QXefEuHnlmUS KTDvfaQToCSd2CMdaTpXaNeJBrWTv2VLiyGOuEMiy3dhdMIVJ5vi7XWns/ja62Hg GuxqTfCYuwqEbdCm8qDPpWsN5v8m1ipoB3KB+S/1c2/e26rkCGrEEWQfRvKBg0cH 2KALzYwuwwgmNZ00XCw6nxJ8dGFHb97DkuZxqmwTzWc4C1MiSJ/8NfRtyRyCAGcJ fgMlnFho/qzNnv5Mutdyykn9zLFjvr58r50owuBTj6mZh7BEWSJdOr3mpq+ZATCm omjaeqiMoAoN9cPocXsGK4C6s4UjpjgJWgumOe71kYdMfiJ7fJQRjEt7cuiVq0TN o98= -----END CERTIFICATE-----Generated at Wed Feb 5 04:06:41 2025 by rpki-client